package com.cd.university.config.security.authentication;

import com.cd.university.config.security.properties.SecurityConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

/**
 * 表单登陆的security配置
 * @author 陈栋
 * @create 2021/9/3 18:35
 */
@Component
public class FormAuthenticationConfig {

    /**
     * 登录成功
     */
    @Autowired
    private AuthenticationSuccessHandler cdAuthenticationSuccessHandler;

    /**
     * 登录失败
     */
    @Autowired
    private AuthenticationFailureHandler cdAuthenticationFailureHandler;


    public void configure(HttpSecurity http) throws Exception {

        http
                .formLogin()
                /*
				当没有登录的时候，跳转的url
				 */
                .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
                /*
                Spring Security底层要用UsernamePasswordAuthenticationFilter这个过滤器
                就要使用/login并且使用post方法，我们可以改变它的逻辑改成我们自己的，所以用
                loginProcessingUrl替换掉/login使用UsernamePasswordAuthenticationFilter这个过滤器
                 */
                .loginProcessingUrl(SecurityConstants.DEFAULT_SIGN_IN_PROCESSING_URL_FORM)
                /*
				处理登录成功、登陆失败的处理器
				 */
                .successHandler(cdAuthenticationSuccessHandler)
                .failureHandler(cdAuthenticationFailureHandler);
    }
}
